Lucene search
K

9 matches found

OSV
OSV
added 2021/03/15 9:49 p.m.4 views

USN-4814-1 asterisk vulnerabilities

Richard Mudgett discovered that Asterisk did not properly check the length of input string when setting the user field for PartyB on a CDR. A remote attacker could use this vulnerability to cause a denial of service crash or potentially execute arbitrary code. CVE-2017-16671 Alex Villacis Lasso...

8.8CVSS7.5AI score0.06243EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/05/31 12:0 a.m.36 views

Fedora Update for asterisk FEDORA-2018-cf1dd2166b

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.75351EPSS
Exploits0References2
Debian
Debian
added 2017/12/30 11:59 a.m.23 views

[SECURITY] [DSA 4076-1] asterisk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4076-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 30, 2017 https://www.debian.org/security/faq -...

8.8CVSS8AI score0.81511EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2017/11/17 12:0 a.m.31 views

Asterisk 13.x < 13.18.1 / 14.x < 14.7.1 / 15.x < 15.1.1 / 13.13 < 13.13-cert7 Multiple Vulnerabilities (AST-2017-009 - AST-2017-011)

According to its SIP banner, the version of Asterisk running on the remote host is 13.x prior to 13.18.1, 14.x prior to 14.7.1, 15.x prior to 15.1.1, or 13.13 prior to 13.13-cert7. It is therefore, affected by multiple vulnerabilities as described in AST-2017-009, AST-2017-010, and AST-2017-011...

8.8CVSS7AI score0.04678EPSS
Exploits0References5
OSV
OSV
added 2017/11/09 12:29 a.m.19 views

CVE-2017-16671

A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrari...

8.8CVSS6.6AI score
Exploits0References5
OSV
OSV
added 2017/11/09 12:29 a.m.1 views

DEBIAN-CVE-2017-16671

A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrari...

8.8CVSS8.5AI score0.03344EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/09 12:0 a.m.25 views

CVE-2017-16671

A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrari...

8.6AI score0.03344EPSS
Exploits0References5
CVE
CVE
added 2017/11/09 12:0 a.m.94 views

CVE-2017-16671

CVE-2017-16671 affects Asterisk Open Source 13.x (&lt;13.18.1), 14.x (&lt;14.7.1), 15.x (&lt;15.1.1) and Certified Asterisk 13.13 (=13.23.1, and FreeBSD/FreeBSD-based advisories mirror the fix trajectory. If exploiting, an attacker could trigger overflow via crafted CDR updates. No exploitation s...

8.8CVSS8.5AI score0.03344EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2017/11/09 12:0 a.m.18 views

CVE-2017-16671

A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrari...

8.8CVSS7.9AI score0.03344EPSS
Exploits0
Rows per page
Query Builder